Skip to content

Instantly share code, notes, and snippets.

View apapacy's full-sized avatar

apapacy

13 followers · 10 following
View GitHub Profile
@apapacy
apapacy / cluster-19.sh
Created February 1, 2023 00:16 — forked from diafour/cluster-19.sh
Run kind cluster with access to local registry
#!/usr/bin/env bash
# A helper for kind to create and delete clusters with untrusted local registry.
# Based on https://kind.sigs.k8s.io/docs/user/local-registry/
#
# Note: kind 0.10.0
# Settings for kind cluster
CLUSTER_NAME="kube-19"
KIND_NODE_IMAGE="kindest/node:v1.19.7"
@apapacy
apapacy / msg.json
Created November 21, 2022 21:36 — forked from rmoff/msg.json
Kafka Connect JSON message with schema/payload
{
"schema": {
"type": "struct",
"fields": [{
"type": "int32",
"optional": true,
"field": "c1"
}, {
"type": "string",
"optional": true,
@apapacy
apapacy / arangodb.cluster.txt
Created November 18, 2022 21:41
ExecStart=/usr/sbin/arangod --uid arangodb --gid arangodb --pid-file /var/run/arangodb3/arangod.pid --temp.path /var/tmp/arangodb3 --log.foreground-tty true --server.jwt-secret=/tmp/arango.jwt --server.endpoint tcp://0.0.0.0:8529 --agency.my-address tcp://arango-manager:8529 --agency.size 1 --agency.activate true
ExecStart=/usr/sbin/arangod --uid arangodb --gid arangodb --pid-file /var/run/arangodb3/arangod.pid --temp.path /var/tmp/arangodb3 --log.foreground-tty true --server.jwt-secret=/tmp/arango.jwt --server.endpoint tcp://0.0.0.0:8529 --cluster.my-address tcp://arango-data:8529 --cluster.my-local-info arango-data --cluster.my-role PRIMARY --cluster.agency-endpoint tcp://arango-manager:8529
ExecStart=/usr/sbin/arangod --uid arangodb --gid arangodb --pid-file /var/run/arangodb3/arangod.pid --temp.path /var/tmp/arangodb3 --log.foreground-tty true --server.jwt-secret=/tmp/arango.jwt --server.endpoint tcp://0.0.0.0:8529 --cluster.my-address tcp://arango-data-1:8529 --cluster.my-local-info arango-data-1 --c
@apapacy
apapacy / server.conf
Created August 1, 2021 14:08 — forked from marcw/server.conf
Nginx configuration to serve a Symfony app under a subdirectory of a PHP application
# With this nginx configuration, you will be able to serve a Symfony app in a subdirectory
# of a wordpress (or any other PHP application).
server {
listen 80;
listen [::]:80;
server_name mysite.com;
root /var/www/wordpress;
index index.php app.php index.html;
@apapacy
apapacy / ffmpeg-hls.html
Created December 15, 2019 08:33 — forked from CharlesHolbrow/ffmpeg-hls.html
Example of ffmpeg for live hls streaming with hls.js
<!DOCTYPE html>
<html lang='`en'>
<head>
<meta charset='utf-8'/>
<title>Audio only stream example</title>
<script src="//cdn.jsdelivr.net/npm/hls.js@latest"></script>
<style>
video {
width: 640px;
height: 360px;
@apapacy
apapacy / cli.ini
Created August 13, 2019 04:27 — forked from jkraemer/cli.ini
Let's Encrypt certificate renewal with HAProxy
# Use a 4096 bit RSA key instead of 2048
rsa-key-size = 4096
# update to register with the specified e-mail address
email = [email protected]
# use a text interface instead of ncurses
text = True
non-interactive = True
agree-tos = True
@apapacy
apapacy / Oracle Instant Client cx_Oracle on Fedora CentOS RHEL
Created August 7, 2019 21:40 — forked from ajinkya-bhosale/Oracle Instant Client cx_Oracle on Fedora CentOS RHEL
Steps to Install Oracle Instant client and cx_Oracle on Fedora/CentOS/RHEL
1) Download Instant client from oracle website
http://www.oracle.com/technetwork/database/features/instant-client/index-097480.html
e.g. for Linux 86_64
http://www.oracle.com/technetwork/topics/linuxx86-64soft-092277.html
Download
1) oracle-instantclient11.2-basic-11.2.0.3.0-1.x86_64.rpm
@apapacy
apapacy / iptables-http-dos-shield.txt
Created September 9, 2018 13:21 — forked from valeriansaliou/iptables-http-dos-shield.txt
HTTP/HTTPS DOS shield w/ IPTables
# Those rules protect HTTP/HTTPS services for both IPv4 and IPv6 sources as such:
# 1. Prevent a /32 IPv4 or /64 IPv6 to open more than 10 HTTPS?/TCP connections per second (the limit is high, but this still shield against some attacks) — DROP TCP packets in this case, to avoid generating egress traffic sending a RST
# 2. Limit ingress bandwidth to HTTPS? services to 32KB/sec (adjust to your needs, in my case it is used to shield a WebSocket backend against incoming WebSocket message floods)
# 3. Limit the number of simultaneous ongoing connections to HTTPS? to 40 (also, high limit, adjust to your needs)
# The protections those rules offer:
# 1. Prevent crypto-DOS (ie. a client that proceed too many key exchanges and thus exhaust server CPU)
# 2. Prevent WebSocket floodings (eg. I use this for Socket.IO, which has no efficient way to rate-limit received messages before they get parsed)
# 3. Prevent ephemeral TCP port exhaustion due to a client holding too many TCP connections
# 4. Prevent IPv6 rotation attac
@apapacy
apapacy / install-chrome-headless.sh
Created February 25, 2018 16:12 — forked from ipepe/install-chrome-headless.sh
Installing headless chrome on Ubuntu.
#!/bin/bash
# from https://chromium.woolyss.com/
# and https://gist.github.com/addyosmani/5336747
# and https://chromium.googlesource.com/chromium/src/+/lkgr/headless/README.md
sudo apt-get update
sudo apt-get install software-properties-common
sudo add-apt-repository ppa:canonical-chromium-builds/stage
sudo apt-get update
sudo apt-get install chromium-browser
chromium-browser --headless --no-sandbox http://example.org/
@apapacy
apapacy / sysctl.conf
Created January 15, 2018 18:40 — forked from kgriffs/sysctl.conf
Linux Web Server Kernel Tuning
# Configuration file for runtime kernel parameters.
# See sysctl.conf(5) for more information.
# See also http://www.nateware.com/linux-network-tuning-for-2013.html for
# an explanation about some of these parameters, and instructions for
# a few other tweaks outside this file.
# Protection from SYN flood attack.
net.ipv4.tcp_syncookies = 1